On Tue, 2009-05-05 at 12:15 -0700, Joel Becker wrote: > On Tue, May 05, 2009 at 02:41:22PM -0400, Stephen Smalley wrote: > > On Tue, 2009-05-05 at 11:00 -0700, Joel Becker wrote: > > > On Mon, May 04, 2009 at 12:59:39PM -0400, Stephen Smalley wrote: > > > > On Tue, 2009-05-05 at 01:35 +1000, James Morris wrote: > > > > > Agreed, perhaps something like: > > > > > > > > > > int security_inode_reflink(struct dentry *dentry, struct inode *dir); > > > > > > > > I'd pass the same arguments as vfs_reflink(), i.e. old_dentry, dir, > > > > new_dentry. > > > > > > I'm about to insert this bit. I agree with > > > security_inode_reflink(old_dentry, dir, new_dentry), but I note that > > > security_path_reflink() was proposed in another email, and I'm guessing > > > I should add both? > > > > The TOMOYO folks said that calling security_path_link() would suffice > > for their purposes. SELinux would want security_inode_reflink() from > > vfs_reflink(). > > I've added both. I have no idea how to add the actual > SELinux/TOMOYO bits, so I've just added the operations hook :-) That's fine - we can fill in the hook implementations for our respective modules. You do need to add a stub function to capability.c and add a line to security_fixup_ops() so that the function pointer is initially set though. -- Stephen Smalley National Security Agency -- To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
